System and method for comprehensive general common protection of computer against evil programs that might or cause damage and / or steal information

摘要

(57) (to steal data, such as destroying data or change the data) is evil and software attacks on (through the Internet in particular) a small device that is computerized and other [summary] personal computer or server / year while causing a damage of several tens of million U.S. dollars, it is becoming increasingly dangerous and increasingly common. The solution of the latest, instead of them enters deeply into the root of the problem, because it solves the problem only a limited number of on the surface, there is a limit in nature. Solution of common, is a network firewall and anti-virus most. The anti-virus, it is only the can (usually after they attacked computer already many) that already identified they detect viruses and worms, is limited. The network firewall is based on packet filtering, or accept any packet since it may contain a subjective decision based on, for example, to trust a certain site or application there, This is a limit in principle there. However, security for any reason, for example, by deception was intended or error, it is violated, the (direct or applications that hostility evil additional that can be produce damage and infinite hijack the entire network or server or computer once By opening the door to applications). They can also, for example, it is not effective against security holes in opal rating system itself or in the E-mail program or browser. According to an article in ZDnet of January 24, 2001, security holes in critical application because it is found very frequently, keep up on all patch exactly it is impractical. Also, for example (any evil program, without knowledge about it in advance, such as can be identified) appropriate and common protection against Trojan Horse without, VPN digital sign and (virtual private network) , including, even other forms of data encryption, but instead can be stolen or lower before the encryption information, it is not really safe. By entering to push deeper into the root of the problem, the present invention produces a comprehensive solution to a common common. As a default, the program, with respect to other programs or to data files or their decisive for the files on the operating system, one of the greatest absurdity of the situation of the latest technology, it prefers is that it allows you to do anything that, to let bother to customers any other, as he prefers to hotel guests, this is it, or copy it or steal their property the (property) It is also ridiculous to destroy, and to destroy their room, etc., for example, or elevator control room or electronic switch board, or a cause free access to the phone or the hotel safe. This concept is based on automatically divided between programs Customer: each to be able to obtain a privileged additional only by the authorization that was clear, this is in his room as the default guest each This is similar to limiting as the default access his strategic resources of the hotel and to limit to (resources) only.